mikeconrad/demystifying-docker
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
77a19aabda571658b362dc645fe1a1b87737f6b2
demystifying-docker/slides.md
Mike Conrad 77a19aabda Update slide deck
2025-06-08 11:46:27 -04:00

7.9 KiB
Raw Blame History

theme, background, title, info, class, drawings, transition, mdc
theme background title info class drawings transition mdc
seriph https://cover.sli.dev Welcome to Slidev ## Slidev Starter Template Presentation slides for developers. Learn more at [Sli.dev](https://sli.dev) text-center
persist
false
slide-left true

Demystifying Docker

Mike Conrad - SCS 2025

Press Space for next page

transition: fade-out layout: center

Why Containers?

  • "It works on my machine" is a thing of the past
  • Containers are lightweight and portable
  • Boot in milliseconds
  • Ideal for reproducible dev environments

transition: fade-out layout: center

Containers vs Virtual Machines

Feature VM Container
Boot time Minutes Seconds
Resource usage Heavy Lightweight
Isolation Strong Process-level
Portability Medium Very High

In reality we use containers and vm's together. Containers run inside of VM's for better security and isolation, especially in cloud and multi tenant environments.

transition: fade-out layout: center

What is Docker?

  • A tool to build and run containers
  • Docker engine runs containers using Linux features:
    • Namespaces
    • cgroups
    • Union file systems
  • Uses images layered from base -> app code

transition: fade-out layout: center

Docker Architecture

Docker Engine (Server) <-- REST API --> Docker CLI (Client)

[https://docs.docker.com/get-started/docker-overview/]

transition: fade-out layout: center

Docker Under the Hood

  • Namespaces: isolate PID, net, mount, etc.
  • cgroups: control CPU, memory, IO
  • UnionFS: layered filesystem (OverlayFS)

UnionFS diagram

transition: fade-out layout: center

Bind/Volume Mounts

  • 2 most common storage mechanisms
  • Different use cases and security implications

transition: fade-out layout: center

Bind Mounts

  • Mounting files/directories from the host machine directly into a container (merged overlayfs layer).
  • Processes inside container can modify files on host system.
  • Bind mounts are strongly tied to the host
  • Best for things like dev containers where you need to mount source code into container and have hot reload, etc.

Bind Mount Example

$ docker run --mount type=bind,src=/home/mikeconrad/projects/example/app,dst=/app,ro # ro for ReadOnly
$ docker run --volume /home/mikeconrad/projects/example/app:dst=/app

transition: fade-out layout: center

Volume Mount Example

$ docker run --name postgrestest \
   --mount type=volume,src=postgresData,dst=/var/lib/postgresql/data \
   -e POSTGRES_PASSWORD=postgres \ 
   --rm postgres:16 

$ docker run --name postgrestest \
    --volume postgresData:/var/lib/postgresql/data \
    -e POSTGRES_PASSWORD=postgres \
    --rm postgres:16 

$ docker volume inspect postgresData
[
    {
        "CreatedAt": "2025-06-08T10:39:12-04:00",
        "Driver": "local",
        "Labels": null,
        "Mountpoint": "/var/lib/docker/volumes/postgresData/_data",
        "Name": "postgresData",
        "Options": null,
        "Scope": "local"
    }
]
  • Docker creates a volume named postgresData and mounts that directory inside the container.

transition: fade-out layout: center

Volume mounts

  • Created and managed by the Docker Daemon
  • Volume data is stored on host filesystem but managed by Docker.
  • Used for persistent data.

transition: fade-out layout: center

Anatomy of a Dockerfile

FROM node:22-slim
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["npm", "start"]
  • Starts with a base image
  • Copy files and install deps
  • Set default command
$ docker build -t node-app .

transition: fade-out layout: center

Multi Stage builds

# Stage 1: Build the Go binary
FROM node:22-alpine AS base
FROM base AS build
# Set working directory inside the build container
WORKDIR /app
COPY package*.json ./
RUN yarn

FROM base AS develop
COPY --from=base /app/node_modules /app/node_modules
COPY . .

ENTRYPOINT ["yarn", "dev"]
EXPOSE 3000
  • Use specific versions, not latest
  • Combine commands to reduce layers
  • Use .dockerignore
  • Prefer slim or alpine images
  • Run as non-root user if possible

transition: fade-out layout: center

What is Docker Compose?

  • Define multi-container apps in one file
  • Great for local dev and staging (and production!)

transition: fade-out layout: center

Q/A

transition: fade-out layout: center

Resources

VSCode plugins

https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-containers